| 1.2.1 Ensure GPG keys are configured | CIS Fedora 28 Family Linux Server L1 v2.0.0 | Unix | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| 1.2.1 Ensure GPG keys are configured | CIS Rocky Linux 8 Server L1 v2.0.0 | Unix | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| 1.2.1 Ensure GPG keys are configured | CIS AlmaLinux OS 8 Workstation L1 v3.0.0 | Unix | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| 1.2.1.1 Ensure GPG keys are configured | CIS SUSE Linux Enterprise 15 v2.0.1 L1 Server | Unix | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| 1.2.2 Ensure filesystem integrity is regularly checked | CIS Ubuntu Linux 18.04 LTS v2.2.0 L1 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 1.6.3 Ensure prelink is disabled | CIS Debian Family Server L1 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 1.6.3 Ensure prelink is disabled | CIS Debian Family Workstation L1 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 2.3.17.4 Ensure 'User Account Control: Detect application installations and prompt for elevation' is set to 'Enabled' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | CONFIGURATION MANAGEMENT |
| 3.029 - Print driver installation privilege is not restricted to administrators. | DISA Windows Vista STIG v6r41 | Windows | CONFIGURATION MANAGEMENT |
| 4.4 Ensure 'Software Update' returns 'Your software is up to date.' | MobileIron - CIS Apple iOS 17 Institution Owned L1 | MDM | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| 4.7.9 (L1) Ensure 'Manage processing of Queue-specific files: Manage processing of Queue-Specific files' is set to 'Enabled: Limit Queue-specific files to Color profiles' | CIS Microsoft Intune for Windows 11 v4.0.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 5.2.2.11 (L1) Ensure sign-in frequency for Intune Enrollment is set to 'Every time' | CIS Microsoft 365 Foundations v5.0.0 L1 E5 | microsoft_azure | IDENTIFICATION AND AUTHENTICATION |
| 7.1.1 Disable VDS network healthcheck if not used | CIS VMware ESXi 5.1 v1.0.1 Level 1 | VMware | |
| 18.7.4 (L1) Ensure 'Manage processing of Queue-specific files' is set to 'Enabled: Limit Queue-specific files to Color profiles' | CIS Windows Server 2012 DC L1 v3.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 18.7.9 Ensure 'Manage processing of Queue-specific files' is set to 'Enabled: Limit Queue-specific files to Color profiles' | CIS Microsoft Windows Server 2022 STIG v2.0.0 L1 Member Server | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.7.9 Ensure 'Manage processing of Queue-specific files' is set to 'Enabled: Limit Queue-specific files to Color profiles' | CIS Microsoft Windows Server 2022 STIG v2.0.0 L1 Domain Controller | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.7.10 (L1) Ensure 'Manage processing of Queue-specific files' is set to 'Enabled: Limit Queue-specific files to Color profiles' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 NG | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.7.10 (L1) Ensure 'Manage processing of Queue-specific files' is set to 'Enabled: Limit Queue-specific files to Color profiles' | CIS Microsoft Windows Server 2022 v4.0.0 L1 MS | Windows | SYSTEM AND INFORMATION INTEGRITY |
| DB2X-00-005300 - In the event of a system failure, DB2 must preserve any information necessary to determine cause of failure and any information necessary to return to operations with least disruption to mission processes - Recovery Plan | DISA STIG IBM DB2 v10.5 LUW v2r1 OS Linux | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| DB2X-00-005300 - In the event of a system failure, DB2 must preserve any information necessary to determine cause of failure and any information necessary to return to operations with least disruption to mission processes - Tested | DISA STIG IBM DB2 v10.5 LUW v2r1 OS Linux | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO123 - Excel - Navigation to URL's embedded in Office products must be blocked. | DISA STIG Office 2010 Excel v1r11 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO123 - Navigation to URLs embedded in Office products must be blocked | DISA STIG Microsoft Office Access 2016 v1r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO123 - Navigation to URLs embedded in Office products must be blocked. | DISA STIG Microsoft Word 2013 v1r7 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO123 - Navigation to URLs embedded in Office products must be blocked. | DISA STIG Microsoft Access 2013 v1r7 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO123 - Navigation to URLs embedded in Office products must be blocked. | DISA STIG Microsoft Excel 2013 v1r8 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO123 - Navigation to URLs embedded in Office products must be blocked. | DISA STIG Microsoft OneNote 2013 v1r4 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO123 - Navigation to URLs embedded in Office products must be blocked. | DISA STIG Microsoft Publisher 2013 v1r6 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO123 - Navigation to URLs embedded in Office products must be blocked. | DISA STIG Microsoft Excel 2016 v2r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO123 - Project - Navigation to URL's embedded in Office products must be blocked. | DISA STIG Office 2010 Project v1r10 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO123 - Publisher - Navigation to URL's embedded in Office products must be blocked. | DISA STIG Office 2010 Publisher v1r12 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO123 - Word - Navigation to URL's embedded in Office products must be blocked. | DISA STIG Office 2010 Word v1r12 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO124 - Scripted Window Security must be enforced. | DISA STIG Microsoft OneNote 2016 v1r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO129 - Links that invoke instances of Internet Explorer from within an Office product must be blocked | DISA STIG Microsoft Office Access 2016 v1r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO129 - Links that invoke instances of Internet Explorer from within an Office product must be blocked in PowerPoint. | DISA STIG Microsoft PowerPoint 2016 v1r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO129 - Links that invoke instances of Internet Explorer from within an Office product must be blocked. | DISA STIG Microsoft OneDrive v2r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO129 - Links that invoke instances of Internet Explorer from within an Office product must be blocked. | DISA STIG Microsoft Project 2016 v1r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO129 - Links that invoke instances of Internet Explorer from within an Office product must be blocked. | DISA STIG Microsoft Project 2013 v1r5 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO209 - Protection from zone elevation must be enforced. | DISA STIG Microsoft Excel 2016 v2r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO209 - Protection from zone elevation must be enforced. | DISA STIG Microsoft Project 2016 v1r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO209 - Protection from zone elevation must be enforced. | DISA STIG Microsoft Word 2016 v1r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO504 - Navigation to URLs embedded in Office products must be blocked in PowerPoint Viewer. | DISA STIG Microsoft PowerPoint 2016 v1r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| GOOG-10-001000 - Google Android 10 must be configured to enforce an application installation policy by specifying an application whitelist that restricts applications by the following characteristics: [selection: list of digital signatures, cryptographic hash values, names, application version]. | MobileIron - DISA Google Android 10.x v2r1 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-12-006600 - Google Android 12 must be configured to enforce an application installation policy by specifying an application allowlist that restricts applications by the following characteristics: [selection: list of digital signatures, cryptographic hash values, names, application version]. | AirWatch - DISA Google Android 12 COBO v1r2 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-14-006600 - Google Android 14 must be configured to enforce an application installation policy by specifying an application allowlist that restricts applications by the following characteristics: [selection: list of digital signatures, cryptographic hash values, names, application version]. | MobileIron - DISA Google Android 14 COBO v2r2 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-14-706600 - Google Android 14 must be configured to enforce an application installation policy by specifying an application allowlist that restricts applications by the following characteristics: [selection: list of digital signatures, cryptographic hash values, names, application version]. | AirWatch - DISA Google Android 14 BYOAD v1r1 | MDM | CONFIGURATION MANAGEMENT |
| VCSA-80-000281 - The vCenter Server must disable or restrict the connectivity between vSAN Health Check and public Hardware Compatibility List (HCL) by use of an external proxy server. | DISA VMware vSphere 8.0 vCenter STIG v2r2 | VMware | CONFIGURATION MANAGEMENT |
| WN12-SO-000051 - Anonymous enumeration of SAM accounts must not be allowed. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | CONFIGURATION MANAGEMENT |
| WN16-SO-000260 - Anonymous enumeration of Security Account Manager (SAM) accounts must not be allowed. | DISA Microsoft Windows Server 2016 STIG v2r10 | Windows | CONFIGURATION MANAGEMENT |
| ZEBR-10-001000 - Zebra Android 10 must be configured to enforce an application installation policy by specifying an application whitelist that restricts applications by the following characteristics: [selection: list of digital signatures, cryptographic hash values, names, application version]. | AirWatch - DISA Zebra Android 10 COBO v1r2 | MDM | CONFIGURATION MANAGEMENT |
| ZEBR-10-001000 - Zebra Android 10 must be configured to enforce an application installation policy by specifying an application whitelist that restricts applications by the following characteristics: [selection: list of digital signatures, cryptographic hash values, names, application version]. | AirWatch - DISA Zebra Android 10 COPE v1r2 | MDM | CONFIGURATION MANAGEMENT |
